Senator Elizabeth Warren (D‑MA) made a curious argument celebrating the Bank Secrecy Act at yesterday’s Senate Banking hearing on cryptocurrency entitled, “Crypto Crash: Why Financial System Safeguards are Needed for Digital Assets.” While her argument may have sounded reasonable, the facts are not on the Senator’s side.

Senator Warren argued that Congress decided in 1970 that it was “time for financial institutions to do their part to prevent money laundering, so it passed the Bank Secrecy Act.” Senator Warren then noted that the banking industry pushed back because the requirements of the Bank Secrecy Act would “have been a tremendous expense as well as a pain in the neck.” Yet, the Senator continues, the industry made it work and cryptocurrencies should be forced to do the same.

Granted, Senator Warren only had a few minutes to speak, but even then, her comments missed the true nature of the history of the Bank Secrecy Act. And more concerningly, they demonstrated a questionable understanding of both cryptocurrencies and the remaining constitutional protections that Americans still have.

The Origin of the Bank Secrecy Act

First, as my Cato Institute colleagues, Norbert Michel and Jennifer Schulp, have documented in great detail, the Bank Secrecy Act passed in 1970 was only a fraction of what exists today. Originally, the 1970 law set the requirement that U.S. financial institutions maintain certain records and report certain transactions to the government. Yet even this initial state proved to be problematic.

Senator Warren is right that the banking industry was quick to push back, but they were not alone. In fact, in a hearing prior to the Bank Secrecy Act’s passage, several members of Congress complained that the bill’s domestic transaction reporting requirements did not address the legislation’s stated purpose, which was to address problems caused by foreign bank secrecy laws. Others objected that the reporting requirements would violate bank customers’ privacy.

In the years following the passage of the Bank Secrecy Act, civil liberties groups, members of Congress, a congressional commission, and others echoed the same concerns. For instance, the American Civil Liberties Union (ACLU) joined the California Bankers Association and Security National Bank in applying for a restraining order to stop the enforcement of the Bank Secrecy Act in 1972. However, their argument wasn’t centered on the costs of enforcement. Rather, they argued that the Bank Secrecy Act violated the Fourth Amendment’s protection from unreasonable search and seizure as well as the protections provided by the First and Fifth Amendments. Although the law was ultimately allowed to carry on, Supreme Court Justices Lewis Powell and Harry Blackmun explicitly cautioned against the risks that expanding the law would present. In fact, Justice Thurgood Marshall even noted,

By compelling an otherwise unwilling bank to photocopy the checks of its customers the Government has as much of a hand in seizing those checks as if it had forced a private person to break into the customer’s home or office and photocopy the checks there.

A Tremendous Expense Indeed

So if the objections to the Bank Secrecy Act were about more than just bankers being stubborn, then what about those tremendous costs that the Senator mentioned and dismissed?

Unfortunately, despite warnings from the Supreme Court, both Congress and administrative agencies have extensively expanded the Bank Secrecy Act regime. According to the latest estimates, the current Bank Secrecy Act regime cost financial institutions $45.9 billion in 2022. Yet the cost of compliance is likely higher than that number suggests. For instance, there’s also the cost of banks leaving the southern border in what’s been termed “derisking.” In short, banks have limited or outright ended their relationships with customers in certain locations because of above‐​normal Bank Secrecy Act compliance burdens (i.e., processing money transfers sent to Mexico brings added regulatory scrutiny).

Were these costs not bad enough on their own, there’s also the issue of the purported effectiveness of this regime. As far as the public can tell, there are approximately 20 million Bank Secrecy Act reports filed in a given year, but very little to show for it. In fact, the Financial Crimes Enforcement Network (FinCEN), the agency charged with overseeing Bank Secrecy Act reporting, could barely answer how many reports lead to arrests during last year’s oversight hearing. (FinCEN promised to provide a report detailing the numbers by the end of 2022, but that report is so far nowhere to be found.) As it stands, the only number Americans really have to work with in judging the effectiveness of the regime is the 752 money laundering offenders that were reportedly sentenced to prison in 2021—a figure that works out to more than $61 million per conviction.

The Constitution Matters

Finally, with it established that the history surrounding the Bank Secrecy Act is more complicated than Senator Warren suggested, and that the costs of compliance have indeed been tremendous, there just remains the question about how the future regulations should take shape. Namely, should the cryptocurrency industry be forced to act like banks and report on customer activity? Although Senator Warren answered yes to this query, that position fails to account for both the technology and the constitutional protections that Americans still have.

Recalling the origins of the Bank Secrecy Act, the issue of financial privacy reached the Supreme Court in 1976. After reviewing the question of whether the Fourth Amendment protects financial records held with a bank, the Court effectively affirmed the constitutionality of the Bank Secrecy Act under what’s come to be known as the third‐​party doctrine. In short, the court held that so long as a third party is involved (e.g., a bank or credit union), customer records are not protected by the Fourth Amendment. However, to the extent third parties are not present, the Fourth Amendment still applies.

This detail is important for understanding how the law applies to cryptocurrencies. To the extent a cryptocurrency is decentralized (e.g., Bitcoin) and it is exchanged over a self‐​hosted wallet (e.g., Ledger), then there is no third‐​party involvement. Senator Warren described this reality as a “giant loophole,” but it’s really just a matter of upholding the Constitution. In fact, given just how much Supreme Court justices expressed concern over their original considerations of both the Bank Secrecy Act’s reporting requirements and what came to be known as the third‐​party doctrine, it’s next to impossible to square how going after transactions between two individuals without a warrant does not run afoul of the protections guaranteed by the Fourth Amendment.

Conclusion

Stopping criminal activity is certainly a valid pursuit, but the Bank Secrecy Act regime has done, at best, little more than flood law enforcement with millions of unnecessary reports. It is an ineffective and inefficient way to focus resources. Senator Warren closed her argument by reintroducing her bill to expand these reporting requirements and further diminish financial privacy, but it’s just as flawed now as it was last year.

All members of Congress should take careful note of a letter organized by Fight for the Future earlier this year. In that letter, the group warned: “Should cybercriminals successfully tempt the United States to abandon the human right to privacy and the U.S. Constitution, everyone will lose.” Unfortunately, the specter of crime has often overshadowed the true crimes taking place and led to over expansions of government. And unfortunately, the Bank Secrecy Act has been a near perfect example of a mere threat expanding the government’s reach. It’s time to carve a better future, not double down on old mistakes.

For more on the history of the Bank Secrecy Act, see “Revising the Bank Secrecy Act to Protect Privacy and Deter Criminals.”